A Russian firm that provides password-recovery services says it has found a backdoor in the encryption mechanism that Quicken uses to secure password-protected files, a feature that makes millions of users of the personal finance program more vulnerable to government spooks or other highly determined snoops.
Elcomsoft, which …

COMMENTS

I'm not surprised.

I used to work tech support for a company that makes tax preparation software for professional accountants. The managers had a program for cracking passwords on our tax return files, which we occasionally used for customers who couldn't access a return. I'd wager it's fairly common in the industry.

Not too shocking

This isn't too shocking. Given the computing power of equipment of the last few years or so, and the ease and cost of building your own cluster (or, for non-ethical companies, renting a botnet to act as a cluster) and running a distributed program to run the factorization necessary to crack a password, it was only a matter of time.

This is one of the reasons I'm completely against biometrics used as passwords. Typed passwords can be (and often are, in enterprise settings) changed frequently. Knowing this month's password doesn't help you next month or next year. Biometrics, on the other hand, never change. You cannot change your fingerprint. So you will be using the same password forever. Isn't that exactly what security professionals explicitly tell us NOT to do? In other words, biometrics will make our data LESS secure.

One other thing to consider about biometrics is that they act exactly the same as passwords do now, except the "password" is a number based on the biometric data instead of text you typed in. From that point, it's exactly the same -- the input mechanism sends the password to the program, and the program stores it or compares it against the stored hash. So in order to crack a biometric, all someone needs to do is get a copy of the password hash and run the same exact factorizations they currently do. Once they have the correct number, they just need a way to input it into the system (bypassing the biometric reader).

Having said all that, do I have an answer or even a suggestion? Unfortunately, no, I do not. And while I know it's appropriate to come to the table with answers instead of just negative opinions, I have no idea what can be done. It seems that we will always be playing catch-up in the persistent-password arena. The only thing I can see, and it certainly is not a good workaround, is to use ridiculously long hashes (RSA-16834, anyone?). But even those will eventually be cracked by more powerful computers or clusters. Perhaps the answer is something like SecurID, a token which changes every minute or so. The problems with that are: A) cost, B) receiving the signal, and C) dependence on one company.

Generalities are ALWAYS wrong.

"Administrative-placed backdoors are nothing but bad." Tell that to the fella who has his past 10 years' financial data in Quicken, has forgotten his password, and is now being audited. Data management is always a compromise between convenience and security. I think Intuit did a pretty good job; the only failure I see is that they underestimated the speed with which cracking technology has advanced. But it also looks as if they're willing to admit that and work to improve their products.

"...biometrics will make our data LESS secure." Certainly biometrics-only solutions will; but several solutions I've seen allow you to require the biometric AND a password. I don't know a lot about the internal workings, but I'd guess that an ideal would be to encrypt the biometric data with a long secure hash based on the password, so that every time you change your password the biometric data is re-encrypted, making old copies useless.

Careful with that 'backdoor' reference

Backdoors

There was a little website (that has now disappeared) that listed backdoors and weaknesses to well known encryption programs.

Those ranged from ridiculous (from 4 character passwords to encryption key padding)

It took my safe company a whole day of really hard work (I watched) to open my safe, when I forgot the password that I set. It would have been much easier to enter a backdoor password, but that would defeat the whole point of having a secure safe. If the backdoor password would be known to the engineers of the company, 100% that it would be known to the criminal element. They (the criminals) have access to all the codes, it would seem – I have seen with my own eyes a disk containing the software to program car keys for all the major car manufacturers.

I am sure, however, that the safe company -does- have a backdoor password for the safe, but only the top level engineers would know it (and, obviously the security services).

P.S. As an interesting side note, my clients are often horrified at the ease with which I get into computers (a guy is on lunch, but I need to do something on his PC, so out comes a CD, and within a couple of minutes, I know his Windows password) – Office and application passwords are even easier – it is amazing what “secrets” are held in Internet Explorer, for example ;-)

Steven Knox

"I don't know a lot about the internal workings, but I'd guess that an ideal would be to encrypt the biometric data with a long secure hash based on the password, so that every time you change your password the biometric data is re-encrypted, making old copies useless."

When someone actually cracks that encryption (and it will happen - the RIAA and MPAA thought they could rely on secure encryption for the latest digital formats, but these are being cracked on regular occasion), you will still have biometric data in the hands of criminals - data that now cannot be changed like a password.

Biometrics are stupid for security and authentication. Aside from the risk of someone lopping your finger / hand off to start up your biometric BMW, there is always the risk that this information will be disclosed. When it is, your identity is non-valid - and as far as public services go, that's you SOL.

So far, the only people I've seen arguing for biometrics are people who own shares in biometrics companies (or with a vested interest in them succeeding). Cynical, but true...

Where's the problem?

I don't see where the problem is with this.

So a backdoor exists - so what? It sounds like it was well engineered, and non-trivial to access.

Ultimately no password on a file should be considered secure; if you don't want people to look at your data then make sure they can't get at it! This is a *file* password backdoor, not a *system* backdoor, so it's useless if you haven't got the file. And if someone who shouldn't has got a file, you've already failed.

Just because some people are incapable of physically and electronically securing their systems, or leave disks, tapes and laptops lying around is no reason to have data consigned to a black hole.

It's far worse to lose access to data you have a legitimate reason (and legal necessity) to get into due to loss of a password (not just forgotten; death, dismissal, sabotage etc. can all be reasons), so a secondary way into the data is always worth having. After all, the IRS or HMRC aren't going to let you off because you've 'forgotten the password'...

No such thing as perfect security

It's always a trade-off between security and usability. The news that a 512 bit RSA key has been factorised doesn't surprise me as we have been advised to increase these keylengths to 1024 or better 2048 for some time now. It also isn't a given that a 1024 bit key will be crackable any time soon, though rapid advances in quantum computing might render RSA obsolete at any feasible keylength. The fact is that people are not very good at remembering good enough password entropy to defeat distributed key cracking. Few people who have accounts at 20 websites will be using different credentials at all of them, unless they have most of these written down which is another problem. It is also likely that biometrics will gradually become more acceptable for an increasing range of applications simply because this allows a better set of trade-offs between the cost, the convenience and the security level, and the problem of how to deal with it when it goes wrong.

Whatever security humanity has the wit to make he also has the intelligence or forgetfulness to break, so any security system is either useless or it works against the customer if it is without human backup when the system fails e.g. the day it took some skilled engineers working for a safe company to get into a customer safe with a lost key. Generally RSA cryptography is strong enough so that attackers have to find other methods to beat a system, though any standard crypto algorithm will be weak in the DRM case where the keys have to be distributed together with the lock for the system to work in the first place.